From ffaed6517a1c47a8b75eb15424394bb69afebceb Mon Sep 17 00:00:00 2001
From: helmutm <helmutm@fd906abe-77d9-0310-91a1-e0d9ade77398>
Date: Thu, 10 Dec 2009 09:28:55 +0000
Subject: [PATCH] HTML sanitize: allow links

git-svn-id: svn://svn.cy55.de/Zope3/src/cybertools/trunk@3648 fd906abe-77d9-0310-91a1-e0d9ade77398
---
 util/html.py  | 4 ++--
 util/html.txt | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/util/html.py b/util/html.py
index aacdd28..ddce46a 100644
--- a/util/html.py
+++ b/util/html.py
@@ -24,10 +24,10 @@ $Id$
 
 from cybertools.text.lib.BeautifulSoup import BeautifulSoup, Comment
 
-validTags = ('b br div em font h1 h2 h3 i li ol p pre span strong '
+validTags = ('a b br div em font h1 h2 h3 i li ol p pre span strong '
              'table td tr u ul').split()
 
-validAttrs = 'class style border cellspacing cellpadding align'.split()
+validAttrs = 'align border cellpadding cellspacing class href style title'.split()
 
 validStyles = 'font-style font-weight'.split()
 validStyleParts = 'border padding'.split()
diff --git a/util/html.txt b/util/html.txt
index 4729b41..85d8388 100644
--- a/util/html.txt
+++ b/util/html.txt
@@ -13,7 +13,7 @@ $Id$
   ... </html>"""
 
   >>> sanitize(input, validAttrs=['style'])
-  u'\n<p style="font-weight: bold">\n<b>Text</b>\n</p>\n'
+  u'\n<p style="font-weight: bold">\n<a><b>Text</b></a>\n</p>\n'
 
   >>> sanitize(input, ['p', 'b'], ['class'])
   u'\n<p class="standard">\n<b>Text</b>\n</p>\n'